Secure your passwords

Passwords are the first line of defense against cyber criminals. It’s crucial to pick
strong passwords that are different for each of your important accounts and it is good
practice to update your passwords regularly. Follow these tips to create strong
passwords and keep them secure.

Use a unique password for each of your important accounts like email and online banking

Choosing the same password for each of your online accounts is like using the same key
to lock your home, car and office – if a criminal gains access to one, all of them are
compromised. So don’t use the same password for an online newsletter as you do for your
email or bank account. It may be less convenient, but picking multiple passwords keeps
you safer.

Keep your passwords in a secret place that isn’t easily visible

Writing down your passwords isn’t necessarily a bad idea. But if you do this, don’t
leave notes with your passwords in plain sight, on your computer or desk.

Use a long password made up of numbers, letters and symbols

The longer your password is, the harder it is to guess. So make your password long to
help keep your information safe. Adding numbers, symbols and mixed-case letters makes
it harder for would-be snoops or others to guess or crack your password. Please don’t
use ‘123456’ or ‘password,’ and avoid using publicly available information like your
phone number in your passwords. It’s not very original, and it isn’t very safe!

Try using a phrase that only you know

One idea is to think of a phrase that only you know, and make it be related to a
particular website to help you remember it. For your email you could start with “My
friends Tom and Jasmine send me a funny email once a day” and then use numbers and
letters to recreate it. “MfT&Jsmafe1ad” is a password with lots of variations.
Then repeat this process for other sites.

Set up your password recovery options and keep them up-to-date

If you forget your password or get locked out, you need a way to get back into your
account. Many services will send an email to you at a recovery email address if you
need to reset your password, so make sure your recovery email address is up-to-date and
an account you can still access.

Sometimes you can also add a phone number to your profile to receive a code to reset
your password via text message. Having a mobile phone number on your account is one of
the easiest and most reliable ways to help keep your account safe.

For example, service providers can use the phone number to challenge those who try to
break into your account, and can send you a verification code so you can get into your
account if you ever lose access. Giving a recovery phone number to Google won’t result
in you being signed up for marketing lists or getting more calls from telemarketers.

Your mobile phone is a more secure identification method than your recovery email
address or a security question because, unlike the other two, you have physical
possession of your mobile phone.

However, if you can’t or don’t want to add a phone number to your account, many
websites may ask you to choose a question to verify your identity in case you forget
your password. If the service you’re using allows you to create your own question, try
to come up with a question that has an answer only you would know and isn’t something
that you’ve posted about publicly or shared on social media.

Try to find a way to make your answer unique but memorable – you can do this by using
the tip above – so that even if someone guesses the answer, they won’t know how to
enter it properly. This answer is very important for you to remember – if you forget it
you may never be able to get back into your account.